Authentication/Integration/API keys are used in API integration, Pre-build integrations, and Mobile SDK integration.


In this article you will learn about:

Where to find the API keys?


The integration keys are available at Merchant Dashboard > Developers > API Keys > Key Management. 
You can add several keys and revoke any of the generated keys at any point.


Revoking any key will stop any integration that uses it from working, keys cannot be recovered after being revoked





- There are two keys will be generated by default (Test API KEY) that will be used for plugins, API...etc., and the (Test SDK Key) that can be used when you are integrating thorough SDK.



How to generate new API key?


Click the (+) icon to generate new API keys.




Now you can use these keys in any integration method that PayTabs provides. 


What is the default signature key?


As you can notice after creating multiple keys, a button (set as default signature key) can be found next to one or more of your keys (as in the following figure)




-What is the signature?


After payment a callback/IPN (server-to-server call) would be sent to the target URL with all transaction details, the signature is the way to verify the source of the callback request.


To learn more about How to verify the response received from PayTabs? (Signature Verification), How to configure Instant payment notification (IPN), or what is the callback, kindly check the following resources: 
- How to verify the response received from PayTabs? (Signature Verification)
- How to configure Instant payment notification (IPN)?
Request/Response Parameters | The Callback URL (callback)



-The signature key

Usually, PayTabs uses the same server key used in the initial payment request to encrypt the callback/IPN signature, note that those initial payment requests are done via PT2 APIs using a server key.

However, the transactions that are created using other channels (PayLinks, Dashboard invoices) don't have the initial payment request nor the server key on the request headers, this is the reason for using the default signature key.




-Setting the default signature key

By setting the default signature key, you are asking PayTabs to use this key as the default key to encrypt the signature, in case the used channel doesn't have a server key in creating the transaction process like (PayLink, Dashboard invoices).


How to Set IP limits?


This option allows you to limit which IP address(es) the server key can be used from, and any other IPs will get an error of "Authentication failed " in this case.
If no limit is set, then the key can be used from any IP address.